[...]
>>
> It gets pretty muddy trying to examine 19th century perspectives of
> 16th century codes. How much of the 19th century analysis was
> subjective creation on the part of the analyzers?

Astoundingly, very little, according to the anecdotes in Kahn's "The
Codebreakers".

The 19th Century holds the roots of many modern cryptology concepts.

We see the first steps toward "codification" of cryptanalytic "truths"
as cryptanalysis books appear in print. European military cryptanalysts
as well civilian cryptanalysts with strong connections to the military,
published basic cryptologic facts in the 19th Century - Kirchoff's
Principles, the Method of Kasiski. By the 19th Century, military
cryptanalysts knew substitution ciphers (and codes) preserved the
frequencies and dependencies of the "plaintext" in the "ciphertext" or
encoded messages. They knew of the probable word attack. The knew of
stereotyped beginnings and endings as ways into systems. They understood
the importance of messages in depth for substitution cipher systems, and
the importance of multiple same-length messages from transposition
cipher systems. They knew to exploit characteristics of the code books.
Code numbers assigned to plaintext tended to reflect the alphabetical
order of the plaintext - so an unknown code group between two known code
groups corresponded to plaintext alphabetically between that of those
two code groups. Here we see the root of "cryptosystem characteristic
exploitation", the idea of taking advantage of characteristics of the
mapping from plaintext to ciphertext to break into the system without
the key, or to reconstruct the key. This idea grew in the cryptanalysis
of rotor based cipher machines and flourishes today as in the
mathematical assessment of group characteristics, differential and
linear cryptanalysis, fast factoring algorithms, related-key attacks,
and more.

>
> Look at some of the analysis of the Voynich manuscript for example.
> What gets pulled out of the water in this case depends to a great
> extent on what the analyzer brings to the table.
>

Yes. Kahn covers this phenomenon well in his book in a chapter on
pathological cryptanalysis (IIRC). I tend to think of it as an
affliction of the amateur cryptanalyst. Consider it a blessing, though,
because had we no pathological cryptanalysis, William Friedman may had
never taken to cryptanalysis! (See Kahn's book for the story of his work
at Riverbank and the Quest to Decipher Shakespeare. )

Relevant Pages

Re: Kryptor for Linux released... I have been discussing with Angelo in private and I told ... version of their "cipher", no serious cryptographer would ... attacks attemps and reduced-round cryptanalysis.... I hope Angelo that you are not trying to push low-grade crypto around. ...(Focus-Linux)

No Fear of Cryptanalysis.... that I am expounding here in sci crypt is theoretically unbreakable by ... I will accept a paper cryptanalysis backed ... This cryptography uses a random key string that is equal in length to ...Pad cipher but is generally applicable to all scalar ciphers. ...(sci.crypt)

Re: simple math question... I did not once state that linear cryptanalysis or differential cryptanalysis ... If you actually want to learn how to design... from the basics by focusing on the attacks already published. ... An 8-bit cipher with an 8x8 bijective sbox S the cipher is simply ...(sci.crypt)

Re: Can you decrypt this?... the cipher is to have its integrity tested. ... supposing it is simply being submitted for cryptanalysis?... Why should I use a cypher whose security is dependant on how well the ... You think the Enemy is going to TELL you this? ...(sci.crypt)